Skip to content

Commit

Permalink
fix(plugins/git): refactor gpg decrypt action
Browse files Browse the repository at this point in the history
  • Loading branch information
@dalisoft
dalisoft committed Feb 21, 2024
1 parent 0c3ba6f commit abcaa38
Showing 1 changed file with 3 additions and 13 deletions.
16 changes: 3 additions & 13 deletions plugins/git.sh
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,8 @@
#!/usr/bin/env bash
set -e

TEMP_GPG_FILE=$(mktemp)
TMP_GIT_CONFIG_FILE=$(mktemp)

export GPG_TTY=$(tty)

prepare() {
export GIT_CONFIG="$TMP_GIT_CONFIG_FILE"
if [[ -n "$GIT_USERNAME" && -n "$GIT_EMAIL" ]]; then
Expand All @@ -23,11 +20,8 @@ prepare() {
log_verbose "Git GPG sign set"
fi
if [[ -n "$GPG_KEY_PASSPHRASE" ]]; then
rm -rf "$TEMP_GPG_FILE"
echo '#!/bin/bash' >>"$TEMP_GPG_FILE"
echo 'gpg --batch --pinentry-mode=loopback --passphrase $GPG_KEY_PASSPHRASE $@' >>"$TEMP_GPG_FILE"
chmod +x "$TEMP_GPG_FILE"
git config gpg.program "$TEMP_GPG_FILE"
echo 'ALLOW_LOOPBACK_PINENTRY=yes' >>~/.gnupg/gpg-agent.conf
gpg-connect-agent reloadagent /bye
fi
}

Expand All @@ -43,10 +37,6 @@ cleanup() {
git config --unset tag.forceSignAnnotated
log_verbose "Git GPG sign unset"
fi
if [[ -n "$GPG_KEY_ID" && -n "$GPG_KEY" && -n "$GPG_KEY_PASSPHRASE" ]]; then
rm -rf "$TEMP_GPG_FILE"
git config --unset gpg.program
fi

git config --unset credential.helper
rm -rf "$TMP_GIT_CONFIG_FILE"
Expand All @@ -61,7 +51,7 @@ release() {
prepare

if [[ -n "$GPG_KEY_ID" ]]; then
git tag --sign "$RELEASE_TAG_NAME" --local-user "$GPG_KEY_ID" "$CHECKOUT_SHA" --message "$RELEASE_BODY"
echo "$GPG_KEY_PASSPHRASE" | git tag --sign "$RELEASE_TAG_NAME" --local-user "$GPG_KEY_ID" "$CHECKOUT_SHA" --message "$RELEASE_BODY" --batch --pinentry-mode loopback --passphrase-fd 0
else
git tag "$RELEASE_TAG_NAME" "$CHECKOUT_SHA"
fi
Expand Down

0 comments on commit abcaa38

Please sign in to comment.